dependabot[bot]
cf9ebf7810
rebase: bump github/codeql-action from 3.27.6 to 3.27.9
...
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.27.6 to 3.27.9.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](aa57810251...df409f7d92)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-12-17 15:47:36 +00:00
dependabot[bot]
3c63fea23a
rebase: bump github/codeql-action from 3.27.5 to 3.27.6
...
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.27.5 to 3.27.6.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](f09c1c0a94...aa57810251)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-12-12 05:47:23 +00:00
Madhu Rajanna
a32ba13045
ci: update github action commenter
...
updating the github action pull
request commentor to drop
older unsupported release and support
3.13 release.
Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2024-12-03 15:34:13 +00:00
dependabot[bot]
18ecbfd9c7
rebase: bump actions/dependency-review-action from 4.4.0 to 4.5.0
...
Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action) from 4.4.0 to 4.5.0.
- [Release notes](https://github.com/actions/dependency-review-action/releases)
- [Commits](4081bf99e2...3b139cfc5f)
---
updated-dependencies:
- dependency-name: actions/dependency-review-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-11-26 08:40:26 +00:00
dependabot[bot]
efc58ed742
rebase: bump github/codeql-action from 3.27.4 to 3.27.5
...
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.27.4 to 3.27.5.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](ea9e4e3799...f09c1c0a94)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-11-26 08:19:56 +00:00
dependabot[bot]
86baab7322
rebase: bump github/codeql-action from 3.27.1 to 3.27.4
...
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.27.1 to 3.27.4.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](4f3212b617...ea9e4e3799)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-11-20 09:50:33 +00:00
dependabot[bot]
1981d7fb38
rebase: bump github/codeql-action from 3.27.0 to 3.27.1
...
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.27.0 to 3.27.1.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](662472033e...4f3212b617)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-11-12 09:35:15 +00:00
dependabot[bot]
c3c00b0e61
rebase: bump github/codeql-action from 3.26.13 to 3.27.0
...
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.26.13 to 3.27.0.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](f779452ac5...662472033e)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-10-29 07:10:48 +00:00
dependabot[bot]
2f0af46080
rebase: bump actions/dependency-review-action from 4.3.4 to 4.4.0
...
Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action) from 4.3.4 to 4.4.0.
- [Release notes](https://github.com/actions/dependency-review-action/releases)
- [Commits](5a2ce3f5b9...4081bf99e2)
---
updated-dependencies:
- dependency-name: actions/dependency-review-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-10-29 06:40:42 +00:00
dependabot[bot]
710e3340ee
rebase: bump actions/checkout from 4.2.1 to 4.2.2
...
Bumps [actions/checkout](https://github.com/actions/checkout) from 4.2.1 to 4.2.2.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](eef61447b9...11bd71901b)
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-10-29 06:09:06 +00:00
dependabot[bot]
0c5619b2a2
rebase: bump github/codeql-action from 3.26.12 to 3.26.13
...
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.26.12 to 3.26.13.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](c36620d31a...f779452ac5)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-10-15 08:29:11 +00:00
Nikhil-Ladha
396a475909
ci: fix Dockerfile path for snyk container action
...
update the Dockerfile path for the snyk github action
Signed-off-by: Nikhil-Ladha <nikhilladha1999@gmail.com>
2024-10-10 13:06:10 +00:00
dependabot[bot]
71193bcaa1
rebase: bump github/codeql-action from 3.26.10 to 3.26.12
...
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.26.10 to 3.26.12.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](e2b3eafc8d...c36620d31a)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-10-08 06:18:15 +00:00
dependabot[bot]
b94a55c0d3
rebase: bump actions/checkout from 4.2.0 to 4.2.1
...
Bumps [actions/checkout](https://github.com/actions/checkout) from 4.2.0 to 4.2.1.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](d632683dd7...eef61447b9)
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-10-08 05:47:27 +00:00
Nikhil-Ladha
44368bfeb4
ci: use private retest github action
...
use private retest github action instead of pinning
to a single branch/commit hash.
Signed-off-by: Nikhil-Ladha <nikhilladha1999@gmail.com>
2024-10-02 09:11:19 +00:00
dependabot[bot]
5aec13d7e6
rebase: bump actions/checkout from 4.1.7 to 4.2.0
...
Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.7 to 4.2.0.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](692973e3d9...d632683dd7)
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-10-01 09:37:48 +00:00
dependabot[bot]
b18f5b4654
rebase: bump github/codeql-action from 3.26.8 to 3.26.10
...
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.26.8 to 3.26.10.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](294a9d9291...e2b3eafc8d)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-10-01 09:16:31 +00:00
dependabot[bot]
ecf25038f2
rebase: bump github/codeql-action from 3.26.7 to 3.26.8
...
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.26.7 to 3.26.8.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](8214744c54...294a9d9291)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-09-25 07:43:09 +00:00
StepSecurity Bot
56d08e1b4d
ci: Harden GitHub Actions
...
Update GitHub actions to use full length commit ids for
third-party actions to reduce security risk in case of vulnerabilities.
Signed-off-by: StepSecurity Bot <bot@stepsecurity.io>
Co-authored-by: Nikhil-Ladha <nikhilladha1999@gmail.com>
2024-09-19 11:00:39 +00:00
Niels de Vos
cde5048dd2
ci: pass the correct account token for Snyk jobs
...
The secret in the project settings has a typo and is called `SYNK_TOKEN`
instead of `SNYK_TOKEN`. Changing the name of the secret does not seem
to be trivial; it needs to be deleted and re-created, which requires
obtaining a new token, somehow. Adopting the name with the typo in the
GitHub Workflow is easier.
Signed-off-by: Niels de Vos <ndevos@ibm.com>
2024-08-27 09:58:24 +00:00
Madhu Rajanna
b0751cb06e
ci: update rules for 3.12 release
...
updating release for 3.12 release
Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2024-08-14 15:11:41 +00:00
Nikhil-Ladha
71cbf3d7eb
ci: add test for uncommitted changes in deploy directory
...
added test for uncommitted changes in deploy directory under go-test GH action.
Also, created a new make target named `make check-deploy-committed` that
can be used to verify the uncommitted changes.
Signed-off-by: Nikhil-Ladha <nikhilladha1999@gmail.com>
2024-08-13 12:17:43 +00:00
Niels de Vos
6f043698d1
ci: add e2e-build-test for compiling the e2e testsuite
...
When Go modules get updated, golangci-lint sometimes fails with weird
errors. One of the common causes seems to be that there is a dependency
breakage between modules that are only used within the e2e test suite. A
normal build of the cephcsi executable succeeds, but building ./e2e
would fail.
By adding a job to build the e2e.test executable, a clear error message
will be reported when there are package dependency conflicts.
Signed-off-by: Niels de Vos <ndevos@ibm.com>
2024-06-28 08:38:54 +00:00
Niels de Vos
c558588bd8
ci: trigger k8s-1.30 jobs for current Ceph-CSI versions
...
Run CI jobs with Kubernetes 1.30 for the devel branch and upcoming
releases.
Signed-off-by: Niels de Vos <ndevos@ibm.com>
2024-05-02 15:25:58 +00:00
Niels de Vos
6009c28c30
ci: do not run k8s-1.26 tests for release-v3.11 and devel
...
The k8s-external-storage/1.26 CI job does not work with the versions
that are part of the release-v3.11 and devel branches.
Signed-off-by: Niels de Vos <ndevos@ibm.com>
2024-05-02 15:25:58 +00:00
Rakshith R
97bc20ae5a
ci: update pr-commentor rules matrix
...
This commit adds rules for release-v3.11
and removes rules for release-v3.9.
Signed-off-by: Rakshith R <rar@redhat.com>
2024-04-02 08:07:30 +00:00
Niels de Vos
fe050557c9
ci: no need to test the devel branch with k8s v1.26
...
Signed-off-by: Niels de Vos <ndevos@ibm.com>
2024-02-15 08:22:16 +00:00
dependabot[bot]
6e20a7d062
rebase: bump peter-evans/create-or-update-comment from 3 to 4
...
Bumps [peter-evans/create-or-update-comment](https://github.com/peter-evans/create-or-update-comment) from 3 to 4.
- [Release notes](https://github.com/peter-evans/create-or-update-comment/releases)
- [Commits](https://github.com/peter-evans/create-or-update-comment/compare/v3...v4)
---
updated-dependencies:
- dependency-name: peter-evans/create-or-update-comment
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-01-30 11:58:48 +00:00
dependabot[bot]
43d2f86dc7
rebase: bump actions/dependency-review-action from 3 to 4
...
Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action) from 3 to 4.
- [Release notes](https://github.com/actions/dependency-review-action/releases)
- [Commits](https://github.com/actions/dependency-review-action/compare/v3...v4)
---
updated-dependencies:
- dependency-name: actions/dependency-review-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-01-24 08:48:11 +00:00
Riya Singhal
c807059618
ci: update github actions for k8s-1.29
...
kubernetes 1.29 was released recently, updating the
github action for the same.
Signed-off-by: Riya Singhal <rsinghal@redhat.com>
2024-01-04 13:02:44 +00:00
dependabot[bot]
4c97bbb2e4
rebase: bump github/codeql-action from 2 to 3
...
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2 to 3.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/v2...v3)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-12-19 08:29:02 +00:00
dependabot[bot]
6cab5bfd42
rebase: bump actions/stale from 8 to 9
...
Bumps [actions/stale](https://github.com/actions/stale) from 8 to 9.
- [Release notes](https://github.com/actions/stale/releases)
- [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/stale/compare/v8...v9)
---
updated-dependencies:
- dependency-name: actions/stale
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-12-12 08:44:36 +00:00
Rakshith R
788b6629ec
ci: update pr-commentor rules matrix
...
This commit adds rules for release-v3.10
and removes rules for release-v3.8.
Signed-off-by: Rakshith R <rar@redhat.com>
2023-11-30 10:21:27 +01:00
Riya Singhal
aa55317c74
ci: add ci bot for auto assigning issue
...
this will auto assign the issue to the user who
commented /assign
Signed-off-by: Riya Singhal <rsinghal@redhat.com>
2023-11-22 13:19:26 +00:00
Madhu Rajanna
63f48874ad
ci: add snyk for container image
...
adding a github action to do security
scanning for the cephcsi container image
Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2023-11-16 10:23:13 +00:00
Madhu Rajanna
6b3665b80c
ci: add snyk scanning
...
adding snyk github action to
run when a PR is merged to the release
branch or when a new release is done.
Run snyk weekly on the devel branch.
This will help us to track the security
scanning results and fix if anything is
required and also it serves as a placeholder
for security scanning result for a while.
Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2023-11-16 05:23:19 +00:00
dependabot[bot]
7f96dc8a64
rebase: bump actions/github-script from 6 to 7
...
Bumps [actions/github-script](https://github.com/actions/github-script) from 6 to 7.
- [Release notes](https://github.com/actions/github-script/releases)
- [Commits](https://github.com/actions/github-script/compare/v6...v7)
---
updated-dependencies:
- dependency-name: actions/github-script
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-11-14 09:12:35 +00:00
Niels de Vos
ba37ff73ac
ci: run tickgit after merging a PR in the devel branch
...
The `tickgit.com` webservice seems to not update itself anymore, but
having a list of TODO's is very useful. Use the tickgit project to
gather the TODO's, but in a GitHub Workflow.
Developers can also run `make containerized-test TARGET=tickgit` to get
the result locally.
Signed-off-by: Niels de Vos <ndevos@ibm.com>
2023-11-08 08:29:10 +00:00
Madhu Rajanna
311193d5ca
doc: add pending release notes
...
Keeping track of changes between releases
and fetching that information during
release is difficult. Adding a doc to
keep track of the changes between major
releases which helps during release.
Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2023-11-03 10:13:30 +00:00
Niels de Vos
e97bd247c8
ci: do not include go-ceph in generic GitHub package rebases
...
go-ceph is an important package that we consume. It is better to have
that as separate rebase PR from Dependabot and not include it in the
general GitHub package group.
Signed-off-by: Niels de Vos <ndevos@ibm.com>
2023-10-12 05:39:33 +00:00
Niels de Vos
7cfe1127ce
ci: group golang.org/x/ under golang dependencies
...
Golang dependencies are already grouped, but they only contain packages
from `github.com/golang*`. There are more Golang standard packages that
are located at `golang.org/x/*`. Because of the tight relationship
between these packages, it is more efficient to group updates together.
Signed-off-by: Niels de Vos <ndevos@ibm.com>
2023-10-10 11:53:00 +00:00
dependabot[bot]
5677834d24
rebase: bump docker/login-action from 2 to 3
...
Bumps [docker/login-action](https://github.com/docker/login-action) from 2 to 3.
- [Release notes](https://github.com/docker/login-action/releases)
- [Commits](https://github.com/docker/login-action/compare/v2...v3)
---
updated-dependencies:
- dependency-name: docker/login-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-09-20 10:03:37 +00:00
dependabot[bot]
b3ef8672a4
rebase: Bump actions/checkout from 3 to 4
...
Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to 4.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v3...v4)
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-09-05 08:47:25 +00:00
Madhu Rajanna
4a8c901405
ci: use dependabot group feature
...
enable dependabot raising PR by groups to
reduce PR and save CI resources.
This uses the beta groups feature of dependabot.
More details here:
https://docs.github.com/en/code-security/ \
dependabot/dependabot-version-updates/\
configuration-options-for-the-dependabot.yml-file#groups
Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2023-08-29 14:01:10 +00:00
Niels de Vos
ee843e6ffd
ci: only add /test .. comment if the branch for the PR matches
...
By adding an if-statement for each step of the matrix job, only those
steps are executed where the base ref of the PR matches the branch in
the matrix parameters.
Signed-off-by: Niels de Vos <ndevos@ibm.com>
2023-08-22 11:28:37 +00:00
Niels de Vos
2d120f2e10
ci: exclude branches from the testing matrix for ok-to-test comments
...
It seems that `matrix.*` parameters can not be used in the if-statement
for a job. Now using the `exclude:` parameter with a more dynamically
constructed value for the branch. If the value for the branch is not
part of the initial branch list, the value will not be excluded, so the
jobs are expected to run.
Signed-off-by: Niels de Vos <ndevos@ibm.com>
2023-08-22 11:09:14 +00:00
Niels de Vos
a57fe08e7d
ci: run versioned k8s jobs only on selected branches
...
By using a matrix strategy with excluding certain branches and
Kubernetes versions, the number of CI jobs per PullRequest should stay
limited.
Closes : #4060
Signed-off-by: Niels de Vos <ndevos@ibm.com>
2023-08-21 11:06:29 +00:00
Madhu Rajanna
9ffd3ffd98
ci: update pull request commentor for kube 1.28.0
...
updating pull request commentor to
run tests with kubernetes 1.28.0
Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2023-08-21 09:32:25 +02:00
Niels de Vos
f371aa2677
ci: use podman for simple GitHub workflows
...
`podman` is installed by default on the Ubuntu runners. Podman is
recommended for developers and contributors, as there are no elevated
privileges required to run it. Docker requires extra permissions to
build and/or run container images, and contributors to Ceph-CSI should
not need to spend time working with that (several developers run the
`docker` command with `sudo`, which is discouraged).
Only the multi-arch Workflows require Docker, for the time being.
Signed-off-by: Niels de Vos <ndevos@ibm.com>
2023-08-07 16:34:44 +00:00
Niels de Vos
ce26b0e212
ci: allow CVE-2019-11255 in Kubernetes module dependency
...
It is unclear how a module for utility functions can have the same
problem as a separate side-car that is expected to do the input
validation. The side-cars have been fixed already, no further details
are in the CVE description (from 2019).
See-also: https://github.com/advisories/GHSA-f4w6-3rh6-6q4
Signed-off-by: Niels de Vos <ndevos@ibm.com>
2023-07-26 13:34:23 +00:00